A modern business is targeted by a variety of cyber-threats. How to stay safe?

As technology evolves and enables us to do things more and more effectively, so do the threats that can cause a variety of losses, from man hour loss, data loss, reputation loss to financial loss. Losses are never a good thing in business. So what can be done about it?
First and foremost should always be awareness about the existing threats and educating the employees to recognise and avoid them.
No amount of technical (hardware or software) protection can guarantee security if the users themselves act irresponsibly and potentially maliciously. Guidelines for safe use of a company’s devices should help ensure the employees always know what to do, when confronted with any specific situation.
Regulatory compliance is forcing businesses to focus on various aspects of data protection, as lost or stolen partner or customer lists, payment lists, credit card lists and other sensitive data can result in all manner of privacy and other breaches, which can end up in litigation, reputation and financial loss. But is enough done in preventing data breaches?
And finally there is the constant threat of malware infection. Nearly every second business has in the past couple of years suffered a ransomware attack, had their computers locked, their files lost or had to pay ransom to regain them, and one in five was forced to shut down because of this.
Do companies sufficiently consider malware protection and its impact on system resources, encryption, secure backup and recovery of their data and secure authentication when planning their IT infrastructure? How to go about all this comprehensively?
Here are some tips:
-
Consider the threats that come from outside and inside of the company and plan accordingly.
-
Keep all employees informed and maintain guidelines on safe practices.
-
Try not to run the business on outdated platforms and operating systems, as they are more prone to infiltration.
-
Use a scalable and centrally managed anti-malware solution and make sure it is regularly updated.
-
Have a thought-out password policy and use two-factor authentication for all critical processes.
-
Encrypt all sensitive data transfers and data storage, so that even if it is intercepted by unauthorised people, they cannot use it.
-
Backup! Backup! Backup! Secure backup and recovery can prevent many headaches in the case of ransomware infections and other attempts to jeopardise your data.
The Malwarebytes’ State of Ransomware report and Cisco 2016 Midyear Cybersecurity Report formed the source for these statistics.